Password Manager (Password VX)
This will be an App for storing passwords securely in a single database file.
A user password (entered by the user) will be associated with the database file to unlock it along with a salt string stored in the software settings.
The AES encryption algorithm will be used in two stages to encrypt the saved data. See the Docs for more info.
A SHA256 hash of the combined hashed password and salt is used to form the key.
The encrypted database is saved along with an IV vector.
The integrity of the decoded data will be checked by the presence of a prefixed hash in the decoded data that equals a hash of the database data.
Features
- Suggest easy to remember but hard to crack passwords
- Analyze password strength using the zxcvbn methods
- Store name, password, URL, creation date, last update date, notes
- Search
- List in order of usage frequency
- Categories
- Feature to create a copy of the file with incremented index value
- Generate password salt value for each install and allow for display/modification of it
- Import data from Keepass2 database
Reference Links
zxcvbn: realistic password strength estimation - 10-year-old article. How far have we progressed?
zxcvbn Python - the reference code used to port zxcvbn to GDScript here.
KeePass2.x C# Source Code - unofficial mirror on GitHub.
KeePass Database Decryption Tutorial
Annual Report about password managers.
Testing
Unit testing is implemented with the GUT framework which may be installed from the Godot Asset Library in the Editor.
The directory for the tests should be set to res://test
Docs
Password Database File Format
We will store a sequence of bytes comprised of IV (16 bytes) + encrypted data bytes.
The file will be saved with a .pwd
extension that means password data.
Other uses for this file extension:
Branding
passwordvx
An alternative example: password-vx
A suggested interpretation of "vx" is: "version x"
We claim any combination of "password" and "vx" as prior art representing this brand.